Package: libapt-pkg5.0
Version: 1.4.9
Severity: normal
Tags: patch

Dear Maintainer,

While troubleshooting another problem I found an invalid memory access when testing with ASAN. Attached is a patch to ensure this does not happen.

-- System Information:
Debian Release: 9.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libapt-pkg5.0 depends on:
ii  libbz2-1.0  1.0.6-8.1
ii  libc6       2.24-11+deb9u3
ii  libgcc1     1:6.3.0-18+deb9u1
ii  liblz4-1    0.0~r131-2+b1
ii  liblzma5    5.2.2-1.2+b1
ii  libstdc++6  6.3.0-18+deb9u1
ii  zlib1g      1:1.2.8.dfsg-5

Versions of packages libapt-pkg5.0 recommends:
ii  apt  1.4.9

libapt-pkg5.0 suggests no packages.

-- no debconf information

commit 706e8fe6cb93323e6b03c662aaced03a36db3574 Author: Sam Bingner <s...@bingner.com> Date: Thu Apr 11 13:31:14 2019 -1000 Don't access invalid string indexes diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc index f25906fba..610965024 100644 --- a/apt-pkg/deb/debmetaindex.cc +++ b/apt-pkg/deb/debmetaindex.cc @@ -682,13 +682,13 @@ bool debReleaseIndex::SetSignedBy(std::string const &pSignedBy) SignedBy = os.str(); } // Normalize the string: Remove trailing commas - while (SignedBy[SignedBy.size() - 1] == ',') + while (SignedBy.size() > 0 && SignedBy[SignedBy.size() - 1] == ',') SignedBy.resize(SignedBy.size() - 1); } else { // Only compare normalized strings auto pSignedByView = APT::StringView(pSignedBy); - while (pSignedByView[pSignedByView.size() - 1] == ',') + while (pSignedByView.size() > 0 && pSignedByView[pSignedByView.size() - 1] == ',') pSignedByView = pSignedByView.substr(0, pSignedByView.size() - 1); if (pSignedByView != SignedBy) return _error->Error(_("Conflicting values set for option %s regarding source %s %s: %s != %s"), "Signed-By", URI.c_str(), Dist.c_str(), SignedBy.c_str(), pSignedByView.to_string().c_str());
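
Review bot: The commit message should say which input reaches the empty-string case that the two new `size() > 0` guards in SetSignedBy protect against. From the loops themselves, a Signed-By value that is empty, or that consists only of commas, ends up at size 0, where `size() - 1` wraps around for the unsigned size type and the old condition indexed far outside the string; stating that would make the fix easier to audit and backport. For the std::string branch, `!SignedBy.empty() && SignedBy.back() == ','` reads more directly, or the loop can be replaced by `SignedBy.erase(SignedBy.find_last_not_of(',') + 1);`, which covers the empty and all-comma cases without any indexing. In the else branch an all-comma pSignedBy now becomes an empty view that is compared against SignedBy and printed in the "Conflicting values" error, so please confirm that is the intended outcome and add a test with an empty and an all-comma Signed-By value.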